Take Basic Connectivity to a New Level
The Cisco® RV 120W Wireless-N VPN Firewall combines highly secure connectivity – to the Internet as well as from other locations and remote workers – with a high-speed, 802.11n wireless access point, a 4-port switch, an intuitive, browser-based device manager, and support for the Cisco FindIT Network Discovery Utility, all at a very affordable price. Its combination of high performance, business-class features and top-quality user experience takes basic connectivity to a new level.
Cisco RV 120W Wireless-N VPN Firewall
Product Overview
• High-speed, standards-based 802.11n wireless connectivity to help employees stay productive while away from their desks
• Integrated 4-port 10/100 switch with quality of service (QoS) support for enhanced voice, video and data traffic
• Support for separate “virtual” networks enables you to control access to sensitive information and to set up highly secure wireless guest access
• IP Security (IPsec) VPN support with hardware acceleration to deliver highly secure, high-performance connections to multiple locations and traveling employees
• Support for static routing, Routing Information Protocol (RIP) versions 1 and 2, and inter-VLAN routing to enable flexible connection sharing
• Proven stateful packet inspection (SPI) firewall, plus advanced wireless security to help keep business assets safe
• Simplified configuration through an intuitive, browser-based device manager
• Support for the Cisco FindIT Network Discovery Utility
Figure 2. Back Panel of the Cisco RV 120W
Figure 3. Typical Configuration
Table 1. Product Specifications
Wireless LAN Specifications
Table 2. Wireless LAN Specifications
Table 3. Table 3 System Specifications
Table 4. Configuration Requirements
| Feature | Description |
| Network adapter | PC with network adapter and Ethernet cable |
| Web-based configuration | Web browser |
If your business depends on Trend Micro Worry-Free Business Security, Advanced or Standard, then you should have received notification that WFBS 7.0 Patch 1 Build B1435 is now available.
The patches that have been released by Trend Micro allow for better integration into Microsoft Windows Small Business Server 2011 for one thing, but also fix important issues which have been reported. Even if you are not experiencing the issues, such as slow saves of Microsoft Office documents, you should install the latest patch.
It is available from the Trend Micro download center, or you can call upon your favorite computer & network service and support experts to apply the patch to your server/s.
Should you wish to try Trend Micro WFBS for your business, or require assistance, we are a Trend Micro partner offering sales and support to Greenville and the Upstate of SC. Email info@homelandsecureit.com or call 864.990.4748 for more information
Homeland Secure IT Alert
Secure IT Alert for Monday, January 31, 2011
Microsoft has announced in Security Advisory 2501696 that they are investigating a potential vulnerability that may exist in ALL current supported editions of Microsoft Windows (Including Windows 7, Server 2008, Vista, XP and Server 2003). In fact, the only version that may not be affected would be the Server Core installations.
According to the bulletin, Microsoft is aware of the “proof-of-concept” code that has been released, so they are looking into it further, though they have seen no “active exploitation of the vulnerability”.
MHTML is the culprit and apparently, it IS possible (under certain conditions) for the vulnerability to allow an attack to inject client-side scripts in the response of a web request run in the context of the user’s Internet Explorer. The script could then spoof content, disclose personal information or emulate any action that the user could actually take on the affected web site. (IE, make selections, input data, etc).
What can you do to protect yourself? According to MS, you could lock down MHTML, set your internet security zone settings to “high” to block ActiveX controls and Active Scripting (in IE, Tools, Internet Options, Security, Internet, Security level for this zone and set slider to High). You could also set IE to prompt before running “Active Scripting” or disable “Active Scripting” all together in the Internet and Local intranet security zone. (In IE, Tools, Internet Options, Security, Internet, CUSTOM LEVEL, then under Settings, find the Scripting section and set Active Scripting to “Prompt” or “Disable”. Same under Local Intranet.). You can then add sites that you trust to the IE Trusted sites zone.
Use of an anti-virus software package like Trend Micro Titanium or Trend Micro Worry-Free Business Security which has the ability to watch web traffic is HIGHLY recommended. And of course, you could use an alternative browser, such as Google Chrome, or Mozilla Firefox… Many firewalls and security appliances from vendors like Cisco, WatchGuard and SonicWALL have the ability to block this type of traffic as well.
If you have questions or concerns about your personal computer or an entire business network in the Greenville / Upstate, SC area, please call 864.990.4748 or email info@homelandsecureit.com
Homeland Secure IT Alert
One of our security partners, WatchGuard, was just awarded the CRN’s “Security Appliance Product of the Year” for their XCS 370 series device!
Here’s the press statement:
WatchGuard XCS 370 Security Appliance Wins in CRN’s 2010 Products of the Year
SEATTLE – January 11, 2011. WatchGuard® Technologies, a global leader of business security solutions, today announced that the company won the coveted CRN Everything Channel’s “2010 Products of the Year: Security Appliance” for the WatchGuard XCS 370.
CRN announces its Product of the Year Awards each December and recognized the XCS 370 for 2010 based upon its price, performance and power capabilities. “Many new products were introduced to the channel this year and narrowing our list was not an easy process. We needed to be sure that each product addressed a critical need, added significant value to the end user and made an immediate impact on how solution providers in the channel deliver technology,” said Kelley Damore, VP, Editorial Director, Everything Channel. “The winners are the best of the best and we congratulate them on producing top quality solutions.” Expanded coverage of the 2010 Products of the Year are featured in the December issue of CRN Magazine and online at www.crn.com.
“E-mail and the web are the main vectors for malware and other electronic threats entering enterprise networks today. No company is immune to this problem, but the deployment of combined WAM (web and messaging) security solutions can drastically reduce the volume of these threats,” said Phil Hochmuth, Program Manager for Security Products at IDC. “WatchGuard’s XCS 370 appliance targets the WAM security issue with a balance between price and performance geared towards mid-sized companies.”
“WatchGuard is very excited to receive this accolade from CRN. We believe that the XCS 370 exceeds the SMB customer’s expectations and provides best in class security and data loss prevention in an intuitive, easy to manage appliance,” said Mark Romano, Director of Global Channel and Field Marketing at WatchGuard Technologies and 2010 CRN Channel Chief.
WatchGuard XCS 370: Powerful Messaging Security for SMBs
WatchGuard XCS (Extensible Content Security) solutions, deliver the industry’s most effective defense-in-depth solution for email security, web security and data loss prevention. These easy-to-use, all-in-one solutions offer the most effective defense from email and web-based threats including spam, viruses, malware, URL filtering, blended threats, spyware and network attacks, as well as outbound content control to prevent data loss.
Small to mid-sized businesses do not need to pay high prices for powerful email security. WatchGuard XCS 370 appliances are affordable, complete email security solutions that defend against inbound threats including viruses, spam, blended threats, phishing, spyware and network attacks. The XCS 370 offers:
- Protection from bi-directional threats and content security across email and web, all in a single solution.
- Reputation Enabled Defense, WatchGuard’s innovative cloud/appliance hybrid security service, blocks more than 98% of unwanted and malicious email and web traffic at the connection level for rock-solid security and high performance.
- Powerful anti-spam with multiple layers of inspection and knowledge-based learning of unique messaging environments for more accurate spam detection.
- Deep content inspection and contextual analysis provides defense-in-depth approach for stronger protection from inbound spam, malware, blended threats, and network attacks.
- Zero-hour threat outbreak response closes the window of vulnerability to new threats with fastest response time.
- Attachment control blocks files that are known to be harmful so they never enter your network.
- Patented queue replication ensures zero message loss and continuity of business communications.
- Set-it-and-forget-it administration allows you to apply a single policy for total visibility and control of all email and web traffic without the need for a dedicated, costly management appliance.
More information about WatchGuard XCS solutions is available at www.watchguard.com.
About WatchGuard Technologies, Inc.
Since 1996, WatchGuard® Technologies, Inc. has been the advanced technology leader of business security solutions, providing mission-critical protection to hundreds of thousands of businesses worldwide. The WatchGuard family of wired and wireless unified threat management appliances, messaging, content security and SSL VPN remote access solutions provide extensible network, application and data protection, as well as unparalleled network visibility, management and control. WatchGuard products are backed by WatchGuard LiveSecurity® Service, an innovative support, maintenance, and education program. WatchGuard is headquartered in Seattle and has offices serving North America, Europe, Asia Pacific, and Latin America. To learn more, visitwww.watchguard.com.
WatchGuard is a registered trademark of WatchGuard Technologies, Inc. All other marks are property of their respective owners.
—
Should you desire more information about the WatchGuard XCS 370 or other WatchGuard security products, please call 864.990.4748 or email info@homelandsecureit.com. We offer sales, consultation and support of WatchGuard and other security devices to Greenville and Upstate SC businesses.
Stranger lurks behind our office
I was reminded just how useful cameras can be after watching a segment on the news this morning where a young lady was using an inexpensive app on her iPhone that allowed her to check in on her dog by viewing the camera on her PC. She just happened to catch a burglar in the process! More on that HERE.
That story had a pretty happy ending. Through the use of the video captured, the police were able to apprehend the suspect, though I didn’t hear whether her iPod and chargers were recovered. If they have the right guy, thanks to a 5 dollar iPhone app, she helped get one more bad guy off the street.
Over the weekend here at our office, I received emails from our digital network video recorder (DVR / NVR) which alerted me to motion taking place around our building. Police cruisers driving behind the building are not uncommon, but the fella to the right who changed clothes, washed stuff off his boots and hands and left his clothing behind was pretty sketchy.
Thanks to the full motion recordings, we are able to offer law enforcement high quality photo stills and video, complete with time stamps, from several angles and cameras. (We have about 13 cameras around our office).
This type of protection is available for your home and office for an amazingly small investment. We have CCTV and network camera systems to fit every possible scenario and budget. From a single camera at your home, to 4, 8 or 16 at a small business, or even dozens of cameras with pan, tilt and zoom capability at your corporate office. We have cameras available that see in complete darkness, and even cameras that are so small you can’t see them (or may be disguised as a smoke detector, sprinkler head, exit sign, etc).
You can view the cameras in real-time from your iPhone, Android or even Blackberry smartphone, or any web browser, from anywhere in the world! You can be alerted when motion occurs in a particular area via an email. Recordings can be accessed days, weeks or even months after an event occurs.
For a free consultation about how security cameras can help protect your Greenville / Upstate SC property, loved ones, and even reduce your insurance costs, please call us at 864.990.4748 or email info@homelandsecureit.com.
It sure has been an event filled weekend regarding security! Several high profile sites have been hacked… The largest is the Gawker controlled sites, Gawker, Gizmodo, Lifehacker and a slew of others where it is estimated that as many as 1.5 million usernames and passwords may have been compromised.
Supposedly, the Gawker passwords also allowed Facebook to be used for spamming acai berry ads from compromised accounts.
Two other major sites, McDonalds and Walgreens, fell victim to hackers over the weekend too.
It should be plain to see that anyone using the same login and password on multiple sites is the most vulnerable. Therefore, it is recommended that you use a different password on every site you use, so in the event of one site becoming the target of hackers, at least your password will not be used to log into other sites, such as banking, or even medical.
Some of you are already complaining, I can hear you all the way over here at my office and I feel your pain! When you are subscribed to a dozen blogs, do your banking online, use services like eBay, or social media sites like Facebook, Twitter, etc, you would have to have, and more importantly REMEMBER dozens of accounts and passwords.
Fortunately, there are password management tools that can help you. There are free apps that accomplish this for your Android, Blackberry or iPhone, and many more for your Windows or Mac based computer. These apps will even create random passwords for you so you don’ t have to come up with a password each time you create a new account.
Just what IS a secure password? I’m glad you asked! A secure, or “strong” password should be at least 8 characters long, contain Upper/lower case characters, a number or more, and special characters such as “%”, “@” or “&”. It should not include any part of your login name, or any information such as your name, or birthdate. The best password would contain no actual words, but appear something like this: xTgRaQ3@l1)
Think your password is secure? Check it out HERE
If you feel your computer or password may have been compromised, please seek assistance from your computer security support specialist who can help assess the extent of the damage. We provide a full line of computer repair, service, support and security, as well as free consultation in Greenville and Upstate SC… Call 864.990.4748 or email info@homelandsecureit.com for additional information…
Don't buy it - Microsoft is not going to call you and offer to help!
Today has been interesting… I received an email from a long-time friend saying he had the strangest phone call, from MICROSOFT… They informed him that his system was vulnerable and that they wanted to help him fix it if he would give them access to his system by visiting a website.
This guy was born at night, but he wasn’t born last night, so he questioned it, and when he did so, they hung up on him as expected.
It seems a once popular old scam has returned from the grave. In fact, a quick Google search just now turned up this showing that it is happening elsewhere, not just here.
With that said, please keep in mind, Microsoft is NEVER going to to call you and offer to help fix your computer security issues. That is like thinking the US Government is going to call you up and offer to fix your financial woes.
This is called “Social Engineering” and it has been around for as long as people could reach out and touch someone. In the *old* days, a person would call their mark on the phone and tell them they were with Ma Bell and that they were updating their records. Then they would give them a little information about them, such as “We have your phone number as 555-1212, and your name is Joe Schmoe, we are setting up security measures so we can insure your privacy, can you please give me your mother’s maiden name? Now how about your social security number so we can identify you when you call us in the future?”. Sure enough, if the person on the other end of the phone sounded official, the mark would give them anything they wanted.
This only works on people who are trusting. So here is your warning to question things that come to you with no reason. Question that strange phone call asking for more information about you, question why you should open a particular link that a ‘friend’ sends you in email, question why you might need to install a codec, player or driver when visiting a website, and for goodness sakes, question why Microsoft might call you up wanting to help.
If you have fallen for this type of scam, please contact a computer service professional and have them thoroughly checkout your machine for rootkits, keystroke loggers, and other forms of malware. For more information you can email info@homelandsecureit.com or call 864.990.4748 in the Greenville / Upstate area.
Have a very happy Thanksgiving, we ALL have so much to be thankful for!
A post today on Trend Micro’s TrendLabs Malware blog pointed out how spammers will use the upcoming G-20 Summit as a way to distribute their content.
It works like this: The spammer sends emails out, they appear to come from the Japanese finance ministry and contain comments on issues related to the Summit.
Should you click on the link, it will lead to a .ZIP file, and when that is run, it opens a Word document which helps cover its tracks so that it does not appear to be malicious… Trend explains that what REALLY happens is that a malicious file is contained in the payload, and the registry is modified so that it is run at startup.
Trend Micro Worry Free Business Security Advanced and ScanMail as well as other Trend Micro products successfully detect this as the appropriately named “TROJ_DROPPER.WTH” and stops it before it gets into your system. The actual malicious file is detected as “TROJ_AGENT.JAAK”.
This is nothing new, every major news-worthy event for the past few years has served as a transport mechanism for various malware and spam messages. If a spammer uses “US President Attacked” as a topic, chances are good, if the from address looks legitimate that a large percentage of people will open it. If that message contains ONLY spam, then at the very least, thousands or tens of thousands of people have just seen their ad about some product or another. If it contains a link to a malicious site, many will follow that link if it looks enticing.
As always, use common sense, and be sure to employ some form of mail system protection. We recommend Trend Micro WFBS Advanced for small businesses like our own.
If you would like additional information about Trend Micro’s security products, or how you can stop or at least cut down on spam that affects your Microsoft Exchange Server, email us at info@homelandsecureit.com or call 864.990.4748. We offer Greenville and Upstate businesses free consultations, and we can help reduce your spam and mail issues!
TOP 10 REASONS CUSTOMERS CHOOSE TREND MICRO
Homeland Secure IT believes that Trend Micro Anti-Virus / Anti-Malware products offer the best value and best performance, but don’t take our word for it, what follows are the top 10 reasons customers choose Trend Micro:
1. Trend Micro Works hard to make customers happy.
Trend Micro Internet Security is great for business or personal use!
“Trend Micro is just great– professional, responsive, and a real pleasure to work with.” – Craig Berry, Senior Vice President and Chief Information Officer, UGS PLM Software, Plano, Texas
2. Trend Micro understands its customer’s business.
“We are still partnering with Trend Micro today because they offer us more than just point products. They look at our overall environment and help us make the right decisions within the context of our business environment.” - Antonio Traetto, Networks and Storage Manager, IT, Rexam, London, UK
3. Trend Micro saves customers time by delivering easy-to-use solutions
“Once we put Trend Micro products in place, we didn’t have to spend as much time on security. The software takes care of everything for us and it’s working great. With the level of automation that we’ve gained, we don’t have to intervene. This has been huge— to know that our protection has been increased while our work has been reduced.” - Steve Buche, Chief Information Officer, Christian Homes
4. Trend Micro’s leadership and protection earns customers’ trust.
“I appreciate the timesaving, centralized administration of the Trend Micro solutions. But it’s the company’s leadership in technology and overall protection that keeps me a loyal Trend Micro customer. In our business, we have to take care of our buyers and sellers. We take that job seriously and Trend Micro helps us earn the trust of our customers. That keeps them safe and that keeps our company safe.” - Brian Carpenter (CISSP), Sr. Network and Systems Administrator, Heritage Auction Galleries (www.HA.com), Dallas, Texas
5. Trend Micro offers superior protection with multilayered solutions.
“We face very sophisticated, variable threats today—making it hard to keep up. To help us overcome this challenge, Trend Micro gives us an enterprise strategy that includes the best possible messaging protection at the gateway and at the mail server. Multilayered solutions— and strategies for cleaning up unwanted content— create a solid end-to-end approach. This is the extra added value we get from Trend Micro.” - Antonio Traetto, Networks and Storage Manager, IT, Rexam, London, UK
6. Trend Micro goes the extra mile.
“We were very impressed with the help we got from Trend Micro sales and engineering teams. We were used to software vendors that sent us software and wished us luck—Trend Micro was clearly motivated to help us succeed and they were there to provide all the information we needed to make sure our network-wide deployment went smoothly and met all of our requirements.” – Eric Ellerman, Network Manager, IT, Dot Foods
7. Trend Micro offers a range of scalable solutions.
“Through all stages of our growth, Trend Micro solutions have served us very well, reliably adapting and scaling as we needed to provide a stable environment for students and staff.” – Matthew Chapman, Assistant Director, Information Communications and Technology Services, Orange County Public Schools, Florida
8. Trend Micro listens and delivers on its promises.
“The integrated products and centralized management set Trend Micro apart from the competition right from the start. They were the fi rst to cover the desktop, servers, and gateways with a centralized management console. We have been with Trend Micro ever since and it has never let us down. Trend Micro works WITH you. Lots of other vendors don’t. Trend Micro listens and gives us what we need to succeed in our business.” – Gary Hall, Founder, Hall Computer Services, Brisbane, Queensland, Australia
9. Trend Micro keeps up with new and evolving web threats.
“Trend Micro™ InterScan™ Web Security Suite and Trend Micro InterScan™ Messaging Security play a vital role in our first line of defense against Web threats by filtering traffic and blocking attacks right at the gateway. We needed to address the growing issue of spyware, phishing, and virus threats, and without Trend Micro products, there would be a gap in our managed services portfolio, and an inability to protect customers from these types of threats.” – Alexandre Rigaldo, Business Security Solutions Manager, Orange Business Services
10. Trend Micro makes life easier.
“Trend Micro offered us a solution that was less complicated than the others. From a technical point of view, it was the speed and simplicity of installation, and we had a good impression of Trend Micro’s overall approach. It was also very important to us to work with a reliable partner—the first-class qualifications and assistance we received from our local Trend Micro team put us completely at ease.” – Massimo Carnevali, Manager Information Systems, City of Bologna, Italy
—
There is a Trend Micro product that is right for just about every situation such as Worry Free Business Security (WFBS) and OfficeScan. Tired of Spam? WFBS Advanced and ScanMail can cut your unwanted junk mail down to a trickle. Smaller offices may want a hosted service to protect them from viruses, trojans, worms, malware, spyware, and more.
If you would like information, or a free consultation please email us at info@homelandsecureit.com or call 864.990.4748. We offer the entire line of Trend Micro products & provide installation and support in the Greenville / Upstate SC area. We also offer virus cleanup and removal service should you decide anti-virus is not for you.
Homeland Secure IT Alert
Secure IT Alert for August 13, 2010
The following information comes courtesy of WatchGuard…
QuickTime Movie Handling Vulnerability Only Affects Windows Users
Severity: Medium
13 August, 2010
Summary:
- These vulnerabilities affect: QuickTime 7.6.6 and earlier for Windows (Mac version is unaffected)
- How an attacker exploits them: By enticing your user into viewing a maliciously crafted movie
- Impact: An attacker could execute code on your user’s computer, potentially gaining control of it
- What to do: Download and install QuickTime 7.6.7 for Windows or let Apple’s Software Update tool do it for you at your earliest convenience
Exposure:
Late Yesterday, Apple released a security update to fix a single vulnerability in the Windows version of QuickTime, their popular media player. According to Apple, the error logging component in QuickTime suffers from a buffer overflow vulnerability. By luring one of your users into viewing a maliciously crafted movie, an attacker can exploit this buffer overflow to execute code on that user’s computer, with that user’s privileges. Since most Windows users have local administrative privileges, attackers could often leverage this flaw to gain complete control of Windows machines.
Though Apple’s QuickTime update only fixes one security flaw, it is a fairly risky one. If you use QuickTime in your network, we recommend you update it at your earliest convenience
Solution Path:
Apple has released QuickTime 7.6.7 to fix this security issue. Windows administrators who allow QuickTime in their network should download, test, and deploy the updated version at your earliest convenience. By default, Apple’s download bundles iTunes with QuickTime, but because iTunes often has security issues of its own, we recommend that you select the option of downloading QuickTime alone.
For WatchGuard Users:
You can mitigate the risk of this flaw by blocking .mov files with your WatchGuard appliance. QuickTime is primarily used to play .mov files, which is likely the type of movie file an attacker would leverage to exploit this flaw. You can use the HTTP, SMTP, and FTP proxy on some WatchGuard appliances to block files by their extension. If you want to block QuickTime movie files, the links below contain video instructions showing how to block them by extension (.mov). Keep in mind, this technique also blocks legitimate movies as well.
- Firebox X Edge running 10.x
- Firebox X Core and X Peak running Fireware 10.x or Fireware XTM
Status:
Apple has released updates to fix these issues.
References:
This alert was researched and written by Corey Nachreiner, CISSP.
—
If you require assistance with this or any other network security related issue in the Greenville / Upstate SC area, please call 864-990-4748 or email info@homelandsecureit.com
Homeland Secure IT Alert
